[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2018-20433
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 25 08:14:00 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
969fa0e3 by Salvatore Bonaccorso at 2019-04-25T07:13:32Z
Reference upstream commit for CVE-2018-20433
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -20667,7 +20667,7 @@ CVE-2018-20433 (c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in co
{DLA-1621-1}
- c3p0 0.9.1.2-10 (bug #917257)
[stretch] - c3p0 0.9.1.2-9+deb9u1
- NOTE: https://github.com/zhutougg/c3p0/commit/2eb0ea97f745740b18dd45e4a909112d4685f87b
+ NOTE: https://github.com/swaldman/c3p0/commit/7dfdda63f42759a5ec9b63d725b7412f74adb3e1
CVE-2018-20432
RESERVED
CVE-2018-20431 (GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerabil ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/969fa0e3f8fe4d51aee594156e50a52475d9e516
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/969fa0e3f8fe4d51aee594156e50a52475d9e516
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190425/bd11134d/attachment.html>
More information about the debian-security-tracker-commits
mailing list